Registry

.app Domain Registration Policy

Registrars must provide notification to alert prospective registrants to the requirement of
HTTPS on .app names in order for domains to work in web browsers. This notification must be
clearly and conspicuously disclosed as part of the registration flow prior to purchase. It
must be distinct and not embedded in other terms of service, nor require the registrant to
follow a link to obtain the information.

The following information must be included as part of the notice to all registrants:

That .app is an encrypted by default namespace;

The requirement to configure HTTPS serving so that browsers can load .app websites; and

Resources about configuring HTTPS and obtaining an SSL certificate

Information may be linked as part of an external or internal website or window, and

Registrars may provide their own information about configuring HTTPS browsing or
link to third party resources

Any registrant of a letter/letter two-character ASCII label represents that it will take
steps to ensure against misrepresenting or falsely implying that the registrant or its
business is affiliated with a government or country-code manager if such affiliation,
sponsorship or endorsement does not exist.